The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.
Over the weekend, Germans took to the polls and chose Friedrich Merz as their new chancellor.
The leadup to the election saw malicious attempts to sway the vote in favor of the far-right party AfD, including online disinformation campaigns. There was some use of AI to amplify messaging too. Though the party did gain significantly, there’s no evidence these online influence operations had an impact, however. New findings indicate that despite much fear around the use of AI to spread disinformation, the general public may be harder to dupe than many expected.
Disinformation monitoring company Graphika said it had tracked efforts by Russian groups across Telegram, BlueSky and X, which included videos with AI-generated voiceovers and impersonations of media outlets to put out articles with false or inflammatory claims. The aim of the campaign “likely crafted in an attempt to stoke division and exacerbate existing societal tensions.”
Graphika said, however, that the effort “gained minimal traction among authentic online audiences in Germany and struggled to break through into the wider conversation.”
There was plenty of bot activity on X, meanwhile, a platform owned and led by Elon Musk, who’d previously voiced support for the AfD with a tweet saying, “Only the AfD can save Germany.”
At least 1,000 fake accounts on X were created over the last year in an attempt to influence the election, many used to amplify support for the far-right party, according to Cyabra, an Israeli anti-disinformation company Cyabra.
“The full extent of digital influence on the results is still unclear,” said Dan Brahmy, CEO of Cyabra. “What is clear, however, is the surge in online conversations about AfD—Cyabra’s analysis shows a major spike in engagement across social media, with fake profiles playing a key role in amplifying the discourse. This isn’t just a one-off event or unique to Germany’s election.” He warned that state governments would only further use online platforms in an attempt to influence world events.
As per another analysis from the Atlantic Council’s Digital Forensic Research Lab and AlgorithmWatch, the AfD has proven popular on X not because of significant bot activity, but by leader Alice Weidel and her online interactions with Musk. Though the increased engagement there came mostly from English-language accounts, not from German profiles.
What the country’s election also shows, however, is that scale isn’t everything. If AI and influence operations are going to make an impact, they will have to be convincing enough to make people believe there’s nothing nefarious or fake about the content being mass-produced. Many will hope that day doesn’t come.
Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.
THE BIG STORY:
Apple Cuts iCloud Encryption Service In UK
After the U.K. quietly demanded Apple allow access to encrypted content stored on the iCloud, the tech giant decided to stop offering the extra layer of security to the country’s users.
The Washington Post was the first to report on the U.K. order, which came via security officials and “has no known precedent in major democracies.”
Apple confirmed on Friday it would be pulling the Advanced Data Protection feature, saying, “We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy. Enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before.”
Stories You Have To Read Today
DOGE employees Edward Coristine and Kyle Schutt are now inside the DHS’ Cybersecurity and Infrastructure Security Agency (CISA), Wired reports. Coristine reportedly has links to a cybercrime community known as The Com, raising his concerns about his position inside the U.S. government’s main cybersecurity body.
Russia has been targeting Signal accounts of Ukrainian military personnel via malicious QR codes, Google has warned. Signal has now updated its app with some additional authentication in an attempt to stop the attacks from succeeding.
Over on Court Watch, a Mississippi judge has deemed so-called “tower dumps” unconstitutional. A long-standing surveillance technique, tower dumps are when the police request information on all phones connected to cell towers that are close to a given crime or crimes.
Winner of the Week
Dream, an AI cybersecurity company cofounded by ex-CEO of spyware company NSO Group Shalev Hulio and former Austrian Chancellor Sebastian Kurz, has raised $100 million in funding at a $1.1 billion valuation. It claimed $130 million in 2024 sales, as it focuses on governments and national cybersecurity agencies.
Loser of the Week
North Korean hackers have been linked to the biggest cryptocurrency heist of all time. The theft of $1.5 billion in crypto from exchange Bybit may also be the biggest ever theft of any kind of currency. The hackers stole the funds from Bybit’s Ethereum stash. Customers have been told they will be refunded any currency lost.
